Extracted

• 2b70f6332ae880cd78a4e866ddbd420d878533c5c002fb2da3dc29cddf79c2c9

  .exe windows:6 windows x64 arch:x64

  ee4c9e6c265bc2e2d3c0430658b46f04

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  PDB Paths

  F:\Home\Security\Evasion\Tech\Anti-VTVM\checkC\Project1\x64\Release\Project1.pdb

  Imports

  kernel32

  DeviceIoControl

  VirtualAlloc

  CreateToolhelp32Snapshot

  Process32NextW

  CreateFileA

  Process32FirstW

  CloseHandle

  GetSystemInfo

  WideCharToMultiByte

  GetTickCount

  RtlLookupFunctionEntry

  RtlVirtualUnwind

  UnhandledExceptionFilter

  SetUnhandledExceptionFilter

  GetCurrentProcess

  TerminateProcess

  RtlCaptureContext

  GetModuleHandleW

  IsDebuggerPresent

  InitializeSListHead

  GetSystemTimeAsFileTime

  GetCurrentThreadId

  GetCurrentProcessId

  QueryPerformanceCounter

  IsProcessorFeaturePresent

  vcruntime140

  __C_specific_handler

  strstr

  __current_exception

  memset

  __current_exception_context

  memcpy

  api-ms-win-crt-stdio-l1-1-0

  __p__commode

  __acrt_iob_func

  _pclose

  _popen

  fgets

  __stdio_common_vfprintf

  _set_fmode

  api-ms-win-crt-string-l1-1-0

  strcat_s

  api-ms-win-crt-runtime-l1-1-0

  _register_thread_local_exe_atexit_callback

  _c_exit

  _initialize_onexit_table

  _cexit

  _crt_atexit

  terminate

  _seh_filter_exe

  _set_app_type

  _exit

  __p___argv

  __p___argc

  _register_onexit_function

  exit

  _initterm_e

  _initterm

  _get_initial_narrow_environment

  _initialize_narrow_environment

  _configure_narrow_argv

  api-ms-win-crt-math-l1-1-0

  __setusermatherr

  api-ms-win-crt-locale-l1-1-0

  _configthreadlocale

  api-ms-win-crt-heap-l1-1-0

  _set_new_mode

  Sections

  .text

  Size: 5KB - Virtual size: 5KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 6KB - Virtual size: 5KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 512B - Virtual size: 1KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .pdata

  Size: 512B - Virtual size: 504B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 512B - Virtual size: 480B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 512B - Virtual size: 48B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ